hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 03:05:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

C++: Minor correction in one of the string models.

Browse Source
This commit is contained in:
Geoffrey White
2020-08-26 18:32:46 +01:00
parent fbac4ce44f
commit 0952fb9777
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
cpp/ql/src/semmle/code/cpp/models/implementations/StdString.qll
View File

@@ -16,7 +16,7 @@ class StdStringCStr extends TaintFunction {
override predicate hasTaintFlow(FunctionInput input, FunctionOutput output) {
// flow from string itself (qualifier) to return value
input.isQualifierObject() and
output.isReturnValue()
output.isReturnValueDeref()
}
}
@@ -29,7 +29,7 @@ class StdStringData extends TaintFunction {
override predicate hasTaintFlow(FunctionInput input, FunctionOutput output) {
// flow from string itself (qualifier) to return value
input.isQualifierObject() and
output.isReturnValue()
output.isReturnValueDeref()
or
// reverse flow from returned reference to the qualifier (for writes to
// `data`)